[stunnel-users] Stunnel as an "HTTPS to HTTPS" proxy

Javier meresponde2001-stn at yahoo.es
Mon Mar 4 17:49:32 CET 2013

On Mon, 04 Mar 2013 11:01:37 +0200
"jmwb at webmail.co.za" <jmwb at webmail.co.za> wrote:

> Hi,
> Please could you tell me if Stunnel supports HTTPS on the 
> client-side i.e. a
> true SSL proxy with client-side SSL and server-side SSL (or if 
> anyone has developed a version that does)?
> I have tried searching for this without luck because it is 
> difficult to narrow
> down the search criteria e.g. Stunnel is already cited as an SSL 
> proxy.
> jmwb


Stunnel is a proxy itself, or a tunnel, as you whish. A secure 
transparent proxy/tunnel for non-capable SSL/secure applications.

A simple example. Imagine you can't use, for whatever reason, SSL 
with your web browser (or other application but I'll use a web 
example) and your web server.

You'll need to create in the Stunnel.conf in the client side a 
client service as:

client = yes
; just a random port where the web browser will connect
accept =
; address of web server IP or hostname, web SSL port 443 or other 
;random depending on your needs
connect = webserver:443

In the server side...:

client = no
accept = webserver:443
; address or hostname and port where the web server accepts 
; connections
connect = webserver:45689

With this configuration, there is a transparent SSL proxy/tunnel 
between the non-capable SSL browser and the non-capable SSL web 
server. All SSL dialog is made between the both instances of stunnel 
(client and server side). Also, you can configure them to use 
certificates (no need to use browser insalled certificates for 

Hope this can help. It is quite easy. For further configurations, 
just check the manual. It is almost all there. And/or lots of
examples around the web.


More information about the stunnel-users mailing list